TGX encrypts all network traffic using Secure Sockets Layer (SSL) encryption. This protection ensures the privacy of display, keyboard, mouse, and audio information between the Sender and Receiver.

Transient (in-memory) copies of credentials (domain, username, and password) are hashed with 256-bit AES in all TGX applications. Any inter-process communication between TGX applications (over the network or on the same computer) are also 256-bit AES hashed. By default, all TGX network traffic uses SSL (4096-bit RSA) for encryption. There are no differences in encryption between Windows, Linux and Mac.

When TGX is used with a broker, the connection file uses 4096-bit RSA public/private key encryption for the password field (domain and username are plain text). For best security, no one should keep a TGX file with any form of password (plain or encrypted) on disk.